fix: signin/idtoken: insert user provider if user provider not found (#…

…590) ### **PR Type** Bug fix, Tests ___ ### **Description** - Added a new boolean return value in `postSigninIdtokenCheckUserExists` to indicate if the provider was found. - Updated `PostSigninIdtoken` to handle the new return value and insert the user provider if not found. - Enhanced test cases to mock and verify the insertion of user provider during sign-in. ___ ### **Changes walkthrough** 📝 <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Bug fix</strong></td><td><table> <tr> <td> <details> <summary><strong>post_signin_idtoken.go</strong><dd><code>Handle missing user provider during sign-in</code>                            </dd></summary> <hr> go/controller/post_signin_idtoken.go <li>Added a new boolean return value to indicate if the provider was <br>found.<br> <li> Updated the <code>postSigninIdtokenCheckUserExists</code> function to handle the <br>new return value.<br> <li> Modified the <code>PostSigninIdtoken</code> function to use the new return value.<br> <li> Inserted user provider if not found during sign-in.<br> </details> </td> <td><a href="https://github.com/nhost/hasura-auth/pull/590/files#diff-9fd0de4be8562a869563cff72a27f579c9c45d66d9f6d4754a9dd20498514b53">+26/-9</a>    </td> </tr> </table></td></tr><tr><td><strong>Tests</strong></td><td><table> <tr> <td> <details> <summary><strong>post_signin_idtoken_test.go</strong><dd><code>Add tests for inserting user provider during sign-in</code>          </dd></summary> <hr> go/controller/post_signin_idtoken_test.go <li>Added test cases to mock <code>InsertUserProvider</code> function.<br> <li> Verified the insertion of user provider when not found.<br> </details> </td> <td><a href="https://github.com/nhost/hasura-auth/pull/590/files#diff-d849cc9b72340eb39d633b2446f3223cb202e09cabdef07b5ce512f15fc129f2">+20/-0</a>    </td> </tr> </table></td></tr></tr></tbody></table> ___ > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull request to receive relevant information
nhost · Nov 28, 2024 · 3e2ffd3 · 3e2ffd3
1 parent f1f4ae2
commit 3e2ffd3
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 9 deletions.
diff --git a/go/controller/post_signin_idtoken.go b/go/controller/post_signin_idtoken.go
@@ -50,28 +50,28 @@ func (ctrl *Controller) postSigninIdtokenValidateRequest(
 
 func (ctrl *Controller) postSigninIdtokenCheckUserExists(
 	ctx context.Context, email, providerID, providerUserID string, logger *slog.Logger,
-) (sql.AuthUser, bool, *APIError) {
+) (sql.AuthUser, bool, bool, *APIError) {
 	user, apiError := ctrl.wf.GetUserByProviderUserID(ctx, providerID, providerUserID, logger)
 	switch {
 	case errors.Is(apiError, ErrUserProviderNotFound):
 	case apiError != nil:
 		logger.Error("error getting user by provider user id", logError(apiError))
-		return user, false, apiError
+		return user, false, false, apiError
 	default:
-		return user, true, nil
+		return user, true, true, nil
 	}
 
 	user, apiError = ctrl.wf.GetUserByEmail(ctx, email, logger)
 	switch {
 	case errors.Is(apiError, ErrUserEmailNotFound):
 	case apiError != nil:
 		logger.Error("error getting user by email", logError(apiError))
-		return sql.AuthUser{}, false, ErrInternalServerError
+		return sql.AuthUser{}, false, false, ErrInternalServerError
 	default:
-		return user, true, nil
+		return user, true, false, nil
 	}
 
-	return user, false, nil
+	return user, false, false, nil
 }
 
 func (ctrl *Controller) PostSigninIdtoken( //nolint:ireturn
@@ -94,15 +94,17 @@ func (ctrl *Controller) PostSigninIdtoken( //nolint:ireturn
 		return ctrl.respondWithError(ErrInvalidEmailPassword), nil
 	}
 
-	user, found, apiError := ctrl.postSigninIdtokenCheckUserExists(
+	user, userFound, providerFound, apiError := ctrl.postSigninIdtokenCheckUserExists(
 		ctx, profile.Email, string(req.Body.Provider), profile.ProviderUserID, logger,
 	)
 	if apiError != nil {
 		return ctrl.respondWithError(apiError), nil
 	}
 
-	if found {
-		return ctrl.postSigninIdtokenSignin(ctx, user, logger)
+	if userFound {
+		return ctrl.postSigninIdtokenSignin(
+			ctx, user, providerFound, req.Body.Provider, profile.ProviderUserID, logger,
+		)
 	}
 
 	return ctrl.postSigninIdtokenSignup(ctx, req, profile, logger)
@@ -233,10 +235,25 @@ func (ctrl *Controller) postSigninIdtokenSignupWithoutSession(
 func (ctrl *Controller) postSigninIdtokenSignin( //nolint:ireturn
 	ctx context.Context,
 	user sql.AuthUser,
+	providerFound bool,
+	provider api.Provider,
+	providerUserID string,
 	logger *slog.Logger,
 ) (api.PostSigninIdtokenResponseObject, error) {
 	logger.Info("user found, signing in")
 
+	if !providerFound {
+		if _, apiErr := ctrl.wf.InsertUserProvider(
+			ctx,
+			user.ID,
+			string(provider),
+			providerUserID,
+			logger,
+		); apiErr != nil {
+			return ctrl.respondWithError(apiErr), nil
+		}
+	}
+
 	session, err := ctrl.wf.NewSession(ctx, user, logger)
 	if err != nil {
 		logger.Error("error getting new session", logError(err))

diff --git a/go/controller/post_signin_idtoken_test.go b/go/controller/post_signin_idtoken_test.go
@@ -606,6 +606,26 @@ func TestPostSigninIdToken(t *testing.T) { //nolint:maintidx
 						WebauthnCurrentChallenge: pgtype.Text{},
 					}, nil)
 
+				mock.EXPECT().InsertUserProvider(
+					gomock.Any(),
+					sql.InsertUserProviderParams{
+						UserID:         userID,
+						ProviderID:     "fake",
+						ProviderUserID: "106964149809169421082",
+					},
+				).Return(
+					sql.AuthUserProvider{
+						ID:             userID,
+						CreatedAt:      pgtype.Timestamptz{}, //nolint:exhaustruct
+						UpdatedAt:      pgtype.Timestamptz{}, //nolint:exhaustruct
+						UserID:         userID,
+						AccessToken:    "unset",
+						RefreshToken:   pgtype.Text{}, //nolint:exhaustruct
+						ProviderID:     "fake",
+						ProviderUserID: "106964149809169421082",
+					}, nil,
+				)
+
 				mock.EXPECT().GetUserRoles(
 					gomock.Any(), userID,
 				).Return([]sql.AuthUserRole{